Managed Security Services Provider (MSSP) Market News: 10 July 2023 -

Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

The Content: Written for MSSPs and MSPs; threat hunters security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. Data Security Incident: HCA Healthcare recently discovered that some patient information was accessed by an unknown and unauthorized party on an online forum. HCA Healthcare confirmed that the list contains information used for email messages, such as reminders that patients may wish to schedule an appointment and education on healthcare programs and services.

2. Malware Alert: Guardz has disclosed the existence of a new information stealing malware known as ShadowVault, available for rent on the dark web's popular XSS forum. The malware is capable of stealing sensitive data from macOS-based devices, posing a significant threat to businesses and individuals alike, the company said.

3. Leadership Move: Qualys, a provider of cloud-based IT, security and compliance solutions, has appointed Dino DiMarino as chief revenue officer. He will be responsible for leading the global sales and partner organizations along with all aspects of revenue performance focusing on delivering sustainable customer value and business outcomes.

4. Leadership Move: High Wire Networks, a global provider of managed cybersecurity and technology enablement, has appointed John “JP” Peterson as chief product officer. In this new position, Peterson, cybersecurity industry veteran, inventor and thought leader, will be responsible for leading High Wire’s Overwatch Cybersecurity product strategy and development.

5. Cybersecurity Acquisition: Forcepoint has signed a definitive agreement to sell its Global Governments and Critical Infrastructure (G2CI) business to TPG, a global alternative asset management firm. The transaction will separate Forcepoint’s Commercial and G2CI businesses and will establish G2CI as an independent entity. The transaction will position the new company to grow its platform as a cybersecurity provider for defense, intelligence and critical national infrastructure organizations. TPG will invest in Forcepoint G2CI through TPG Capital, the firm’s U.S. and European late-stage private equity platform.

6. Leadership Move: MSSP/MSP Omega Systems announced it has appointed Mike Fuhrman as CEO, succeeding co-founders Bill and Jen Kiritsis. Fuhrman joins Omega from Flexential, a hybrid IT solutions provider, where he was chief operating officer and oversaw the company’s cloud and managed services business.

7. Malware Alert: Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems. The campaign, which started in May, relies on a different infection chain than previously observed. LNK files deploy the payloads instead of the typical malicious Word documents seen in past attacks from the group. (Source: Bleeping Computer)

8. New Malware Strain: Cybersecurity researchers have discovered a new Windows-based malware strain dubbed "Meduza Stealer," exhibiting advanced data theft techniques and a design enabling it to evade detection. The Uptycs Threat Research team came across the malware while monitoring dark web forums and Telegram channels. "Crafted by an enigmatic actor known as 'Meduza,' this malware has been specifically designed to target Windows users and organizations, currently sparing only ten specific countries from its reach," Uptycs wrote. (Source: Computing)

9. Ransomware Attack Reported: The U.K.’s largest NHS trust is investigating a ransomware incident as the country’s public sector continues to battle a rising wave of cyberattacks. Barts Health NHS Trust, which runs five London-based hospitals and serves more than 2.5 million patients, was recently added to the dark web leak site of the ALPHV ransomware gang. The gang, also known as BlackCat, says it has stolen 70 terabytes of sensitive data in what it claims is the biggest breach of healthcare data in the U.K. (Source: TechCrunch)